Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/CSIbfr37qfpgL-GMuVMqj4mZ9uM.roa
File: CSIbfr37qfpgL-GMuVMqj4mZ9uM.roa (raw, json)
Hash identifier: cT44s7lSTPF/yaD1pWi7+ZAw7dn0M0iJ0CeoV6fhtm4=
Subject key identifier: 09:22:1B:7E:BD:FB:A9:FA:60:2F:E1:8C:B9:53:2A:8F:89:99:F6:E3
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5DCE1A1F94E4CD62B2C623E5A76E3
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/CSIbfr37qfpgL-GMuVMqj4mZ9uM.roa
Signing time: Wed 01 Jan 2025 07:47:54 +0000
ROA not before: Wed 01 Jan 2025 07:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212667
IP address blocks: 45.8.156.0/24 maxlen: 24
45.85.64.0/24 maxlen: 24
45.85.67.0/24 maxlen: 24
45.144.38.0/24 maxlen: 24
45.145.3.0/24 maxlen: 24
85.8.187.0/24 maxlen: 24
185.21.140.0/24 maxlen: 24
194.32.250.0/24 maxlen: 24
194.61.234.0/24 maxlen: 24
194.61.235.0/24 maxlen: 24
213.139.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:dc:e1:a1:f9:4e:4c:d6:2b:2c:62:3e:5a:76:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09221b7ebdfba9fa602fe18cb9532a8f8999f6e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:40:da:e5:a8:b0:56:87:05:dd:85:c5:72:b3:
0f:eb:3c:73:16:22:fb:8a:d1:90:a4:f0:62:20:35:
a5:36:17:29:f7:0e:55:c6:07:d3:79:eb:c1:a4:90:
f1:8b:f1:c5:70:62:37:c7:fa:1b:92:95:e2:bf:af:
1d:99:99:4d:ba:d0:64:2a:16:8c:91:55:33:c3:c6:
5d:0b:fb:73:14:90:35:71:fc:a9:4d:57:d9:41:99:
cc:ed:3a:3c:8a:33:15:4a:6d:3e:42:db:c9:82:97:
9b:2b:f6:ac:69:7f:30:8a:aa:6c:0b:dd:b3:f7:fe:
a1:bf:6d:99:a4:bd:45:03:8f:47:6b:48:7a:53:1d:
f5:fb:eb:f0:b4:81:05:99:53:d2:5d:22:4e:c4:07:
6f:ff:7a:54:a7:b1:1b:39:f2:b8:7c:c2:6c:5a:f9:
a4:38:8f:30:32:a7:d2:ae:65:6a:16:02:ed:b1:ae:
c4:2f:76:68:60:ee:5c:fb:e6:98:51:e8:e3:b9:e3:
4f:e2:a2:78:eb:f9:26:bb:a7:22:49:18:92:83:b2:
cd:45:7b:4c:83:5e:c8:14:b8:79:f0:cb:a2:12:f6:
e5:88:8f:bf:dc:e8:49:67:51:d3:e3:64:54:54:56:
74:47:d6:07:f0:ea:62:59:ca:e3:92:e9:e5:6c:59:
d1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:22:1B:7E:BD:FB:A9:FA:60:2F:E1:8C:B9:53:2A:8F:89:99:F6:E3
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/CSIbfr37qfpgL-GMuVMqj4mZ9uM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.156.0/24
45.85.64.0/24
45.85.67.0/24
45.144.38.0/24
45.145.3.0/24
85.8.187.0/24
185.21.140.0/24
194.32.250.0/24
194.61.234.0/23
213.139.231.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:30:aa:9c:65:7b:06:fd:18:b2:19:34:fd:50:d1:c3:32:22:
c5:f5:56:20:fd:2d:50:c2:22:da:71:85:0c:1e:f4:a1:7e:45:
14:4b:fc:d6:9b:3c:07:d9:79:d3:54:7b:a1:a4:fc:ad:ab:2c:
53:29:3c:03:00:19:a0:51:7b:9e:e2:3f:b2:76:09:af:5f:d3:
b4:51:9e:25:a0:16:0e:9b:b3:e3:ee:0a:75:c7:40:91:16:74:
99:b5:f3:32:6f:26:d0:c6:18:b6:01:41:94:50:57:25:9f:cf:
e0:53:46:eb:f8:b6:c7:4e:e1:16:5a:5b:d2:58:15:9a:99:d1:
d1:fa:9b:70:8f:68:7c:45:8f:43:38:8c:ee:b9:1b:d3:32:0d:
7f:ec:6d:6b:73:84:88:7f:53:e6:29:f1:ac:7c:b1:52:29:69:
58:46:93:8f:87:03:d7:4c:c7:af:51:df:0f:80:59:05:e4:58:
a3:ad:86:6b:36:48:1d:84:09:cc:ec:95:e7:6e:c0:1d:34:25:
65:6b:df:7f:78:8b:34:01:dd:31:10:1e:ff:f2:7c:17:8c:30:
08:ac:8e:c3:67:eb:83:ef:71:28:d5:2e:bf:a2:c4:f2:31:0c:
e7:30:67:d5:49:6f:53:0d:ee:22:46:b5:e1:8e:eb:80:1f:ca:
85:1f:27:41
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQg1dzhoflOTNYrLGI+WnbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTIyMWI3ZWJkZmJhOWZhNjAyZmUxOGNiOTUzMmE4Zjg5OTlmNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EDa5aiwVocF3YXFcrMP6zxzFiL7
itGQpPBiIDWlNhcp9w5VxgfTeevBpJDxi/HFcGI3x/obkpXiv68dmZlNutBkKhaM
kVUzw8ZdC/tzFJA1cfypTVfZQZnM7To8ijMVSm0+QtvJgpebK/asaX8wiqpsC92z
9/6hv22ZpL1FA49Ha0h6Ux31++vwtIEFmVPSXSJOxAdv/3pUp7EbOfK4fMJsWvmk
OI8wMqfSrmVqFgLtsa7EL3ZoYO5c++aYUejjueNP4qJ46/kmu6ciSRiSg7LNRXtM
g17IFLh58MuiEvbliI+/3OhJZ1HT42RUVFZ0R9YH8OpiWcrjkunlbFnRJwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAkiG369+6n6YC/hjLlTKo+JmfbjMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvQ1NJYmZyMzdxZnBnTC1HTXVWTXFqNG1aOXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQicAwQA
LVVAAwQALVVDAwQALZAmAwQALZEDAwQAVQi7AwQAuRWMAwQAwiD6AwQBwj3qAwQA
1YvnMA0GCSqGSIb3DQEBCwUAA4IBAQCbMKqcZXsG/RiyGTT9UNHDMiLF9VYg/S1Q
wiLacYUMHvShfkUUS/zWmzwH2XnTVHuhpPytqyxTKTwDABmgUXue4j+ydgmvX9O0
UZ4loBYOm7Pj7gp1x0CRFnSZtfMybybQxhi2AUGUUFcln8/gU0br+LbHTuEWWlvS
WBWamdHR+ptwj2h8RY9DOIzuuRvTMg1/7G1rc4SIf1PmKfGsfLFSKWlYRpOPhwPX
TMevUd8PgFkF5FijrYZrNkgdhAnM7JXnbsAdNCVla99/eIs0Ad0xEB7/8nwXjDAI
rI7DZ+uD73Eo1S6/osTyMQznMGfVSW9TDe4iRrXhjuuAH8qFHydB
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:32:50 2025 by rpki-client